www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
172.67.222.188200 OK 2.2 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
IP 172.67.222.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 14b4aad32c6e75d9594d417d6ccd40da
f835f17695a98d9f8f43abe24959c4279f624904
844bc4b0f57a43aba14945cdccb939c1a4c8d309fdda3968229f8288f768f6af
GET /x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120 HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Llf9tuQaLO2eZQorMsh%2BVit%2BK2xWL02MAAuhm0QTtq7gPX7Mhp%2Fm4eiWYK2%2F%2BDByUx1vAbwrkLTnvdjU7cBEkt9USoBFTo9dq7ehiQiFCs6fsannp5cMU3X8wBUlviL8e%2BJO5lksA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772c8c455dcb0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4387
Cache-Control: max-age=162548
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:11 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:44:19 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 14:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1023
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fac97585e2ade88546f664f3bdc32c19
951f4b7f91f0d963e56bbab370647caed9f60287
7328b50cc11ed5cc081891644a18261991fefc7083d1b4bfb76ff3ccb91de1a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4852
Cache-Control: max-age=118759
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Etag: "6387d593-118"
Expires: Fri, 02 Dec 2022 23:34:31 GMT
Last-Modified: Wed, 30 Nov 2022 22:13:39 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 280
www.secretswipes.com/x/jk1289xas/files/function.js
172.67.222.188200 OK 125 B URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/function.js
IP 172.67.222.188:0
File type ASCII text, with no line terminators
Hash 91f476ac618b410e7141772f825c89de
595d87b95c26823ec93db1d602082ada5a0274cd
a485fc7c3567664f5b6769758dbf5fca4003a27cf790bb309b8b1a390249b1d7
Analyzer Verdict Alert fortinet Phishing
GET /x/jk1289xas/files/function.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: W/"628e85c2-79"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83%2BJ%2B1Tij6cubPG%2FhvetoAMfTMhk0azbRTkPAH3VvkSKQq3Wx8OQhZdHwp7x176QAzJMoxIF8WZ4uS3YGoHSzUqsZgalAWyxnkqvms958bO7KOIIpv3TKgDJaPPZIGPAT9t5vv3nDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c8c47ee480b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.secretswipes.com/js/app.js
172.67.222.188200 OK 674 B URL HTTP/1.1 www.secretswipes.com/js/app.js
IP 172.67.222.188:0
Hash 061b68d44cfa4a131cd8596ad94ff02c
e25d045fd5ea13cea15575bb2d5643ce2c891e3a
8d28da6f804ba1b617c264575118684fbb63423e54eb4950946635b4dec96dc2
Analyzer Verdict Alert fortinet Phishing
GET /js/app.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sat, 17 Sep 2022 17:19:51 GMT
vary: Accept-Encoding
etag: W/"632601b7-504"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5gCA648%2B2gXxf%2BUQ0gCkT2RFcEtBoFAF6UFlQE%2BR%2BB4W2NqBzgx0A0%2Fbgaqz8fJrztc9Sm77fnua7%2Bb7NVLO93Nyjy%2FlBe%2BCQ5Ug2XSgn4%2FLNpSEGC0MgEPZa6Q9SAQsF9h2nUgcg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772c8c47ff981c0e-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fac97585e2ade88546f664f3bdc32c19
951f4b7f91f0d963e56bbab370647caed9f60287
7328b50cc11ed5cc081891644a18261991fefc7083d1b4bfb76ff3ccb91de1a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4852
Cache-Control: max-age=118759
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Etag: "6387d593-118"
Expires: Fri, 02 Dec 2022 23:34:31 GMT
Last-Modified: Wed, 30 Nov 2022 22:13:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
www.secretswipes.com/x/jk1289xas/files/styles.css
172.67.222.188200 OK 1.9 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/styles.css
IP 172.67.222.188:0
File type ASCII text, with very long lines (7988), with no line terminators
Hash 2c17626e9773700d2f56af402e2f9d30
312bcacc69a3d5fd488fc0a6706b6be5885191a6
b484a637dd7beec358688ea952cc23cd1e0f56e3f65a431c4fb60edd7dfe073f
GET /x/jk1289xas/files/styles.css HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
vary: Accept-Encoding
etag: W/"628e85c2-1f34"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XORuRAgyfZNxV3qL1s38Pn9o4HQ%2FhPjz%2BNk3QUBI2YBDjxeBHpP6gcOpIbS3dqnY%2Fs5xw9%2FEWXPFi1WlVPde63wQ3Uk%2BhPrz5tkUVFYVNKYSW3DDXcW%2B1ds4uWrcMVv7eb5wytb%2Biw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772c8c47e8f60b41-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/showhide.js
172.67.222.188200 OK 486 B URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/showhide.js
IP 172.67.222.188:0
File type ASCII text, with very long lines (821)
Hash 391e200089c15a13609cb1ff1579f534
ac6da778593c36163e40a49dccc3d137fdbc8447
ece57f103b9f0f63eae18b732f63aae399bdc466c650a11ba0ccb06a1a140db4
Analyzer Verdict Alert fortinet Phishing
GET /x/jk1289xas/files/showhide.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
vary: Accept-Encoding
etag: W/"628e85c2-6b1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl6fGBFRvN0ugLinG%2BTY0BwMCFNtzr1YszV%2B7k8Yy9a2cGAlsuLs48xFuLd2IX%2F7%2FXqAyrv9WstbLXKrPbG%2FpXt6mRGvdCZzjuyLeJyOQfVHZh2fvfBlIRS50oEfuh6bxtPAAn74Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772c8c47ea12b4ff-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fac97585e2ade88546f664f3bdc32c19
951f4b7f91f0d963e56bbab370647caed9f60287
7328b50cc11ed5cc081891644a18261991fefc7083d1b4bfb76ff3ccb91de1a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113907
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Etag: "6387d593-118"
Expires: Fri, 02 Dec 2022 22:13:39 GMT
Last-Modified: Wed, 30 Nov 2022 22:13:39 GMT
Server: nginx
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.secretswipes.com/x/jk1289xas/files/jquery.min.js
172.67.222.188200 OK 30 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/jquery.min.js
IP 172.67.222.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 30383dbf70a4fee8fc9362726e102f93
12cfd136eb72f6fabb1fa5404715c2882a63abf2
bbec4a319e466240038dea909154b9472f669e99aa43d10c013deecdba705ba4
Analyzer Verdict Alert fortinet Phishing
GET /x/jk1289xas/files/jquery.min.js HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
vary: Accept-Encoding
etag: W/"628e85c2-14e44"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUbbO8bHaIYEKxQRaRD5mNEofP4KVYDDXGYQBG%2BKFtBlC6ywTmIR5VdeFCu6IbjBrcN6Naou2Gt7YgojncmvENY9lk4D4UhPNJAGZ50hyBP3KerzOo25z22ntcWUAe0cB%2F8jCSw9BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772c8c47e9c1b518-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 14:08:56 GMT
cache-control: public,max-age=3600
age: 1576
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4393
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Last-Modified: Thu, 01 Dec 2022 13:21:59 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d4b316fc528399445814c1a3c6078d9
1af63b78555381279d1c8e0b86cb86e729b6b153
014470d8e67368e1af49992bfc3e8e99ea7ebe76058f0906242afb25341e21af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1611
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Etag: "63886392-118"
Last-Modified: Thu, 01 Dec 2022 14:08:21 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 280
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 597294
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.secretswipes.com/x/jk1289xas/files/bg4.jpg
172.67.222.188200 OK 28 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg4.jpg
IP 172.67.222.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash f991107bbb60e393392d613ecba9889c
6924dd0e882f1d7d0adfb21be6aac32e607e2ed2
6b7c3b470d975ee9914cbc54c0f27f6a7844d4a131685baca4b4a7b2791f181f
GET /x/jk1289xas/files/bg4.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: image/jpeg
Content-Length: 27631
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-6bef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgryio%2FEsjhHdeUxZncLhoSTkveEQysIUBwfGXLhZsx7%2BBVOTNXX1BaiRRh%2BqGgYIObISX0rvk4q3gmQytSLhvSQxphGVYj3TSCgdAtEjqC6d9a38YoN7gTKnbMDow7LdLHe8KAjKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c8c4a39991c0e-OSL
alt-svc: h2=":443"; ma=60
tag.swpush.com/action-track
188.114.96.1204 No Content 0 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Dec 2022 14:35:12 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofUs5n%2BLUaxe%2BCX9SvbIZYijG80W1gbKeubBuS38eP%2Bqej6NBswCTyt0FYDMSGkY12tKdMTOxvJDtax6%2Bj7vhQDys1sXJZo0FZ9mct1ruw0EUse5b0U9pGWvxa06U2tKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4b2909b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tag.swpush.com/action-track
188.114.96.1204 No Content 0 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Dec 2022 14:35:12 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1107%2FaonaITBUtQIlYAFINPVoVK9edEOgWoMbl9Bbz5sNV0yaaLH%2FTh8b0WyjbamY3ZHXmNKkwqK4Cm1r2Jx7zvfcyFEaLfG4v6h21VjR4Ry28RiDMVawXpj8ZhvCUeA0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4b2916b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.secretswipes.com/x/jk1289xas/files/bg2.jpg
172.67.222.188200 OK 27 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg2.jpg
IP 172.67.222.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash 436f23275831ecfb616ebeb0a6764f23
99a9c48be4bb379506eeb8eecbef019c1bcd6b40
7a22cacf5ed80b8a868c4626147ac374d209ef163fefac4c817c11ac7359274a
GET /x/jk1289xas/files/bg2.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: image/jpeg
Content-Length: 26588
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-67dc"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dQMLefVU1plgiR6yPvx%2Fv03ZMA2p3TgbPeEi7gq3q3x01qYu2qA6HyhXtxHknslZcsT5pnkjEPPB07kFwukar%2Fg3EJR4RbWKjxyPyGcPmeuzTPLP572b6bcDJ7seVo0e4SoPG3Aiw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c8c4a3d9cb4ff-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/bg5.jpg
172.67.222.188200 OK 27 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg5.jpg
IP 172.67.222.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash d0463dc81f32719cda181af92a18bbe2
180954b20a34ddc4a49e1089df455a54074aab50
f26f756eb9d8a74c8880ffb25abbab77a96cc42bba39476d7226e804a0eac91a
GET /x/jk1289xas/files/bg5.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: image/jpeg
Content-Length: 26977
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-6961"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1kvB%2BzIiqVc2qpoYJ66Gt6pzMUUHqgDtB%2FlxxmGFFMItsz1X7V%2BUBukqO1oMtn8kFotP5MY9E90e9E5mRQHrE7tSwF7YvyJGHVumv2A35syqE9cB7VbFLSg2bWe9%2FhvGhY9lkrx4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c8c4a3ceeb518-OSL
alt-svc: h2=":443"; ma=60
www.secretswipes.com/x/jk1289xas/files/bg3.jpg
172.67.222.188200 OK 29 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg3.jpg
IP 172.67.222.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash 1d82a9c16d537de6dc7da58e7e937cf0
309837e0e7df136b7ee0ae65b033af0147008f45
61918ed8a633086b73ec4ca84e1971ac7e4e5111a3ecd3c66a763cf0ab55b981
GET /x/jk1289xas/files/bg3.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: image/jpeg
Content-Length: 28731
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-703b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdUuvudGqISf8KDxioNzYL6if9iPxFn0Pi9HKQNWqOSr879HrMNgA6%2BzkeEu626SKzWKWGUsuiTq8zPucXHBbJuYBXkykHy2VY4J%2Ft2uUFUXLWJx0emKF%2F0xKXqmgFW23h%2F3gKmFWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c8c4a38670b51-OSL
alt-svc: h2=":443"; ma=60
tag.swpush.com/action-track
188.114.96.1400 Bad Request 41 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.96.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b3d1dfa17a6e2be3f51bc4daf604435
374418a2d177a4012685476a2c1643e15e546e64
6bfccd30af11322070311b7f99ff7682ae00513fade6ecec5bf5bd10c34e2d1d
POST /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Content-Length: 64
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Thu, 01 Dec 2022 14:35:12 GMT
content-type: application/json; charset=utf-8
content-length: 41
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvLJFFnozlLTS3y9lrxAD%2Fyz3PFsqENxd9xLJ%2FzFe3cJOAoRWpUTRBZ9reic80f0PyW%2BCCrS%2FXB85XdDFETY6rUed8ADFmWdUarQmt9jNzvoR2CrQFElh3RpTdnVoY2ToQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4bc9c8b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/x/jk1289xas/files/bg1.jpg
172.67.222.188200 OK 31 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/bg1.jpg
IP 172.67.222.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3\012- data
Hash 1402f29aa77e82069d530d08be3c7e36
6d0586c19da360e3ce8dd45b451c53258dd2971b
2b0944e5b0df6219b91a8ba48c7246b5ad37c6b82f4b610b7025e124840690b1
GET /x/jk1289xas/files/bg1.jpg HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: image/jpeg
Content-Length: 31088
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-7970"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuqB%2FE99DzdbEQbYgbNHz3yUgeP3ar6VBRtDqZWjyzH1HKTm88GAYqForjaecCWsXDE%2FeB%2FWQsbdbCTxazC6dQixlfhqZgpj31k64KSGVVaB9AHVkxBK80SbAn9wyhEykbmo3a6hGA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c8c4a3cefb518-OSL
alt-svc: h2=":443"; ma=60
tag.swpush.com/action-track
188.114.96.1400 Bad Request 41 B URL HTTP/2 tag.swpush.com/action-track
IP 188.114.96.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b3d1dfa17a6e2be3f51bc4daf604435
374418a2d177a4012685476a2c1643e15e546e64
6bfccd30af11322070311b7f99ff7682ae00513fade6ecec5bf5bd10c34e2d1d
POST /action-track HTTP/1.1
Host: tag.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Content-Length: 64
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Thu, 01 Dec 2022 14:35:12 GMT
content-type: application/json; charset=utf-8
content-length: 41
vary: Origin
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJH9f0TKLa2kiSd1m0CF3pbTlBZJeGgSCMTP%2FLVv0EjWqTpDUdpOcICbPxOYGH51E%2F3V5Q0smbgGwbNpFKwFpMpkMhC0p0UBRlf60qUnWqdxqrak%2FNg%2FDj6kqHoyNXYhww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4bd9cdb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 752148900f4327e34a1eef7756148cce
21f0a4a57f66b0be125a62f7764a9b61810aafca
4ceeb8b73eae6b2834925b8c6723c739526f1956240026341e7df19b2a7aecfb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4CEEB8B73EAE6B2834925B8C6723C739526F1956240026341E7DF19B2A7AECFB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 20:35:12 GMT
Date: Thu, 01 Dec 2022 14:35:12 GMT
Connection: keep-alive
app.api-push.com/get-keys
172.64.163.28204 No Content 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Dec 2022 14:35:12 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BWEcixLMO6kCF%2F6MnqWt1OO%2BqQuDRLnMo7H5sBgqdrVTL%2FEYwQkS193pNwj%2F6sjMUxpZ%2BJi7wD37NspgUrgbrdWgJ0m3uF8GVFjHVWZ%2BIlHAqK7Ux9q%2BVo%2BWxP%2FLDnuECWr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4bbca575c3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d4b316fc528399445814c1a3c6078d9
1af63b78555381279d1c8e0b86cb86e729b6b153
014470d8e67368e1af49992bfc3e8e99ea7ebe76058f0906242afb25341e21af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1611
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:12 GMT
Last-Modified: Thu, 01 Dec 2022 14:08:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
www.secretswipes.com/x/jk1289xas/files/logo_user.png
172.67.222.188200 OK 2.7 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/logo_user.png
IP 172.67.222.188:0
File type PNG image data, 106 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash a45cbe874cc4a0052afb718c348dcb18
42470b0690ea1bdae19affa072cf560b4a29d7db
8d919905b98631ac02ce395cb20950f2379bcd9cea4f2e9f144f89a3e90e0bd1
GET /x/jk1289xas/files/logo_user.png HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/files/styles.css
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: image/png
Content-Length: 2734
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-aae"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFuaXGyz%2F8AgWCylaMYhsBrEdtxrottbrXk4809KhiXfAZnoo12m4ZrJU2lxQ1tMdBvwHSlJI8RhWdosD4WK7gpe45z4p3oEWO7VG1LpwroalifIxPT5HNBEognhicd%2Fl61%2Bt3B6Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c8c4baab51c0e-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.39.62.124101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZpJNbuThu9N69qo0YcwgzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iHLEzyGBtoiJELxblOQRvvcTYsU=
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: K4yiIM6IxjTv1S4+OSX7/J8HdTssPPX6Wp5MX2RJQFJn+PxSRj5WlBtqP1BawSlSiEg5tpf18ms=
x-amz-request-id: G53KMX00HNMHGN79
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 13:45:41 GMT
age: 2971
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 752148900f4327e34a1eef7756148cce
21f0a4a57f66b0be125a62f7764a9b61810aafca
4ceeb8b73eae6b2834925b8c6723c739526f1956240026341e7df19b2a7aecfb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4CEEB8B73EAE6B2834925B8C6723C739526F1956240026341E7DF19B2A7AECFB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 20:35:12 GMT
Date: Thu, 01 Dec 2022 14:35:12 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 14:35:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
172.64.163.28204 No Content 0 B URL HTTP/2 subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8 HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: http://www.secretswipes.com/
Origin: http://www.secretswipes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 01 Dec 2022 14:35:13 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPuwBTkvsLPg9iUtDSqEmPvjQ5rtuknIwlxY6bJeO4vwEby2VtuOrj5cKm8ZWVu6wSSRhScZ0HOZLWOdHSOsfCeolDnHB78s9tfMI4quxYpRSNOL5ADFV%2B2sHxc9gjGwFg7O8UnXbhTN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4ddfae75c3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/favicon.ico
172.67.222.188200 OK 3.5 kB URL HTTP/1.1 www.secretswipes.com/favicon.ico
IP 172.67.222.188:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1afd0490a7c54f3762f6d69a39fda96f
60ff08ef286f291f51397f5f64265b5785255f3e
acb0653f24a2eb7cadc905929864bb742896201ad86d5899c4ca44b77f14e96d
GET /favicon.ico HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:13 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 10 Oct 2021 05:17:00 GMT
vary: Accept-Encoding
etag: W/"6162774c-d90"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBWwF%2FOBZ3D%2BCtS7OLXAjQw%2FXpsNBbptjyJ3oJ6rauuasxwWmuM4jEBK%2B%2F6ZSlN7yp5S2OtgLOrj0wvsCiHfyLm4cQhYcgXKtSwOXK64To7bLGr4iV8lI5d7kB3b3iQTlWEW9ulWeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772c8c4efb5eb518-OSL
alt-svc: h2=":443"; ma=60
subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
172.64.163.28200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8
IP 172.64.163.28:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/c0251034-ed66-4440-b1ba-53c0104c9af8 HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 14:35:13 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kYQQ%2FAqdRtnNiUlLOJDOTR%2BlG08lz0mnanYRbDP2wDBaMnirqAcgLHelGJMwc3CPKL8LaCC0nAvaFqUvhFUgtmkHqpQJLVzR9%2BNa2SYpiryRYzyn8MFfaHGbsCj8sJIPX%2BujMpBVEUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4f197275c3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.secretswipes.com/x/jk1289xas/files/gif_main.gif
172.67.222.188200 OK 868 kB URL HTTP/1.1 www.secretswipes.com/x/jk1289xas/files/gif_main.gif
IP 172.67.222.188:0
File type GIF image data, version 89a, 270 x 480\012- data
Size 868 kB (868026 bytes)
Hash 545ddbb65ca2cecb6fed09a513c1618f
a5e00e6164892ba3ba7950b796c5a22b1724166a
35654f03499d2dd1945ea1bdcd17c4cc2ca4a152e812dd42994f881d879604d9
GET /x/jk1289xas/files/gif_main.gif HTTP/1.1
Host: www.secretswipes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.secretswipes.com/x/jk1289xas/files/styles.css
Cookie: DO-LB="MTAuMTM2LjAuMzo4MA=="
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 14:35:12 GMT
Content-Type: image/gif
Content-Length: 868026
Connection: keep-alive
last-modified: Wed, 25 May 2022 19:38:42 GMT
etag: "628e85c2-d3eba"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: private
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMVTpPk8hvfuaLZYyC5FqiqgRqjzcQZ97xLnhT%2BK1svcX2Gczty2Ahlx7%2BikbqSec22qxnFC%2FKEIlxh5SeFV2QAo%2F0VPy6WXSSGJqsGCp4IrK3fGzSw9CKOD6NAtDr9vLsflLgi6Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c8c4afca90b41-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 60582
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 13611
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 60628
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 60355
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 7412
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 3939
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash dc12539aed9d62f4bb6467c6703ce011
415f8fb539d8a031888fd921bee6fbaf1354e0b7
81e2c42f784d3f60a107f77f5880b00d32b34f4700bf343af3d32c27dc39f771
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169643
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:15 GMT
Etag: "6388af4e-116"
Expires: Sat, 03 Dec 2022 13:42:38 GMT
Last-Modified: Thu, 01 Dec 2022 13:42:38 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash dc12539aed9d62f4bb6467c6703ce011
415f8fb539d8a031888fd921bee6fbaf1354e0b7
81e2c42f784d3f60a107f77f5880b00d32b34f4700bf343af3d32c27dc39f771
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=169643
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:35:15 GMT
Etag: "6388af4e-116"
Expires: Sat, 03 Dec 2022 13:42:38 GMT
Last-Modified: Thu, 01 Dec 2022 13:42:38 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
cdn-dt.fcdn.info/cal2.min.js?_=1
104.21.234.86200 OK 0 B URL HTTP/2 cdn-dt.fcdn.info/cal2.min.js?_=1
IP 104.21.234.86:0
GET /cal2.min.js?_=1 HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 14:35:12 GMT
content-type: application/javascript
last-modified: Wed, 10 Feb 2021 18:52:34 GMT
etag: W/"60242b72-18e8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 501427
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNLztTAZyt0suv6sJ%2BbNixr3k9bOHV5puOh6qCi8jcBa%2BR2Or8xKBy%2FX%2FT9bfEf17d8bshWBzme4ezPvnhrZY2Gg27A1GOFrUrftPUwiiyJ8VmmckpbHXSbbFOkjlo3SPVfz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772c8c48acd77735-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap
IP 142.250.74.106:0
GET /css2?family=Montserrat:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 14:35:12 GMT
date: Thu, 01 Dec 2022 14:35:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjam.com/cdn/sdialog.min.css?_=4
172.67.166.71200 OK 0 B URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 172.67.166.71:0
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 14:35:15 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 16
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOr3lAPvkFlR1I96gwsM3wxX36LJ6TlIZrpR4fkn4Cu%2BPOw6UDW1ODVrbK2F4JlqsIcXUZHoWck694QY%2BxkJdQu4FG0w605SLeLwfSy%2BUpzmFjeR26GXItZO9m2g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c5c1b61b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.163.28200 OK 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.163.28:0
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: http://www.secretswipes.com/x/jk1289xas/?cep=sCz2tpC4a91hob2dZpgaKhqsPPPN5AZBc9oMR6Z_J6KvImFUBGGebqzaHQj85qRk-yfrM0i4rUAmipSec8cvQdJC51oE3J8sgLc59K2mYgqK2wlDp6r-_BT6Fr59Bcy6iFNVI2WBKYL-jMOg86IgXCQkE52EChU3VrG5XrMYhwMn96kHR8DyGt0OQBQgiVkdoCsxFxcv009ZLK23YKDePJEvA43E2-SzP65WUuzz8s58O4t_OJLut_75bvg_AzbsDJZWu1xJP_kFm7_-7BKuNTudtExMRyAmE5pKAUh_XXlvcwNA3XlOpd9PxWFsIWMkHWEL-6epgwrGKSSDAGZCxetMIgzHy_RO0SEcIMCUc0MmNlD8Z6xpO2Ahd0mVRauaOdVSWQi_Pz5GOpji0E3Wjo13_W-BwnAKdKKfY0bSxlozwUuz4hl3sDTJmDybadj0942lXN-eid8yd2_LMg-h6A&lptoken=165e696790b371a90042&pub=9881&source=15_21120&externalid=76388bb8ef016b4.06215577&_ocid=wdulstuco48ts6sk23k5ai46&autocamp=15_21120
Content-Length: 89
Origin: http://www.secretswipes.com
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 14:35:12 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rckeAnvDDZ55D2mnYUEcWWtDxqexm7%2FwJQXO64%2FRNDbFDmlJWqnVYEHry79DoJh0KypmDym3T48plCcYJ%2B6myeAXNmQ%2BkaYFHVSRnlJd1KE3OtJ5tPQotjWAoTTIVjn2xPDq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4cbdff75c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theemforest.com/p/1
172.67.193.142200 OK 0 B IP 172.67.193.142:0
GET /p/1 HTTP/1.1
Host: theemforest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.secretswipes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 14:35:12 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWwrO3naf4m2zyQKYYOe54AhkQGaFzL37KbuhgEvV6EbBoOXLmIrD1mXUenXc%2FDIX4%2FpEaCPzq2rXVdyYGsOMdbidtt%2BSw3dcRexZSLBsBZstcaDZWQxPo57EjZ%2FVl7hsY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c8c4c8bd4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2